
    Anyone figured out how to ZeroTier with AD?

    IT Discussion
    Tags: active directory, zerotier, vpn
    • krisleslie

      I had a lifetime deal with Pertino but after they got absorbed that eventually faded away, unfortunately.

      • Dashrender @krisleslie

        @krisleslie said in Anyone figured out how to ZeroTier with AD?:

        @Dashrender absolutely yea. Because I actually have one staff member who unfortunately has no other option but to go to Starbucks.

        What kind of firewalls do you have?

        • krisleslie

          Nothing spectacular just UBNT Firewalls.

          • Dashrender @krisleslie

            @krisleslie said in Anyone figured out how to ZeroTier with AD?:

            Nothing spectacular just UBNT Firewalls.

            Perfect - set up a VPN for end user - then have their client log in with IPsec

            • krisleslie

              Already smell what ya cooking
              https://help.ubnt.com/hc/en-us/articles/204949694-EdgeRouter-OpenVPN-Site-to-Site

              • Dashrender @krisleslie

                @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                Already smell what ya cooking
                https://help.ubnt.com/hc/en-us/articles/204949694-EdgeRouter-OpenVPN-Site-to-Site

                https://help.ubnt.com/hc/en-us/articles/204950294-EdgeRouter-L2TP-IPsec-VPN-Server

                Your link uses OpenVPN - which you'll have to install on the ER. L2TP will use the stuff already on the ER.

                • krisleslie

                  Cool time to read 🙂

                  • krisleslie

                    So you're suggesting to throw ZeroTier out of the equation (since we're dealing with AD) and then set up L2TP on each router (Site A and Site C) and each client (only a handful of clients for staff but for students maybe a bit of a headache).

                    • krisleslie

                      LOL I see why more schools say "F" windows and go straight to Chrome OS.

                      • IRJ @krisleslie

                        @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                        @IRJ Azure AD shouldn't even be in the conversation lol. Thanks though. Azure AD doesn't work like "AD" entirely. We are a Windows office but we are also vested in Linux and Google Chrome OS. I'm leaning very hard to Chrome OS in the future as most of our needs and staff are about 90-95% fully functional with Chrome OS. At some point the only "Windows" devices will be held by IT and where absolutely necessary.

                        If managing with AD, yes, but you mentioned authentication in OP so a workable solution. But yeah, Azure AD isn't a fit with what you want to do.

                        • Dashrender @krisleslie

                          @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                          So you're suggesting to throw ZeroTier out of the equation (since we're dealing with AD) and then set up L2TP on each router (Site A and Site C) and each client (only a handful of clients for staff but for students maybe a bit of a headache).

                          Students? You're a school? Yeah - no clue there... I've never had to deal with that kind of pain!

                          I would definitely move everything to a hosted LANLess setup for anything they access.

                          Do you provide devices to Students as well? Definitely want some kind of mobile device manager for those puppies, I would guess. Dealing with them like you deal with typical corporate users would be challenging, I'm guessing.

                          • krisleslie @IRJ

                            Honestly, it's really for authentication. I'm not even sure I want to add a print server to them. At best right now they will have 3-4 printers. They won't ever need a file server. Most work is done via SaaS services. Honestly if we didn't have some jacked up forms built to only work in MS Office, then I'd say the hell with Windows for those users. It's really not even needed.

                            • krisleslie

                              We are a multi hat non-profit. We just so happen to be a post-secondary school too.

                              • Dashrender @krisleslie

                                @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                                Honestly, it's really for authentication. I'm not even sure I want to add a print server to them. At best right now they will have 3-4 printers. They won't ever need a file server. Most work is done via SaaS services. Honestly if we didn't have some jacked up forms built to only work in MS Office, then I'd say the hell with Windows for those users. It's really not even needed.

                                Does the online version of Office work for those forms? You can find out by trying a free OneDrive account and editing the file online there.

                                • krisleslie

                                  They come to class, use the device for studying, testing & research purposes and go home. No checking device out to go with you home.

                                  • IRJ @krisleslie

                                    @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                                    Honestly, it's really for authentication. I'm not even sure I want to add a print server to them. At best right now they will have 3-4 printers. They won't ever need a file server. Most work is done via SaaS services. Honestly if we didn't have some jacked up forms built to only work in MS Office, then I'd say the hell with Windows for those users. It's really not even needed.

                                    Yeah, that is honestly your best bet, try to eliminate Windows. Possibly use PowerShell for repeatable scripts if you can.

                                    • Dashrender @krisleslie

                                      @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                                      They come to class, use the device for studying, testing & research purposes and go home. No checking device out to go with you home.

                                      In that case - there is no concern about remote access - no concern for these users for ZT or L2TP, etc.

                                      • Dashrender @krisleslie

                                        @krisleslie said in Anyone figured out how to ZeroTier with AD?:

                                        So you're suggesting to throw ZeroTier out of the equation (since we're dealing with AD) and then set up L2TP on each router (Site A and Site C) and each client (only a handful of clients for staff but for students maybe a bit of a headache).

                                        Yep - though the ERs will have site to site IPSec, not L2TP.
                                        https://help.ubnt.com/hc/en-us/articles/115011377588-EdgeRouter-Route-Based-Site-to-Site-IPsec-VPN

                                        • krisleslie

                                          Absolutely the "free" online version of Office works. On a side project, I'm trying to see if I can move over all users from our GoDaddy domain to Google (since we have it for the most part free) and save some coin. My director and various HR staff made horrible forms that exist in Word or Excel. My goal has been to remove Word or Excel even being a needed app except for certain positions and requirements. I personally can't get rid of Word in IT only because I have to use it to build templates for the SaaS database we have. But short of that all my work doc wise is about 95% in Google. That 5% for me are those few docs that can't be done in Google without major changes.

                                          See, in the overall scheme of things, users just make data. Certain types of data make my job more annoying. If I remove the "needing to backup word docs and spreadsheets etc" from the equation that alone saves any company money on wasted MS Office purchases and also on data storage since it's just a string of text from a database template vs a whole doc.

                                          • krisleslie @IRJ

                                            @IRJ Lol PowerShell for what purpose?
